Share via

Azure EventGrid Namespace Topic: Deleted push subscriptions continue delivering events to old webhook endpoints

Mohammad Alinia 20 Reputation points
2026-03-18T06:23:19.8666667+00:00

We're experiencing phantom event deliveries from an Azure EventGrid Namespace Topic where previously deleted push subscriptions appear to still be actively delivering events to their old webhook endpoints, even though only the replacement subscriptions exist.

Environment:

  • Region: UK South
  • Resource type: Microsoft.EventGrid/namespaces (MQTT-enabled namespace with namespace topics)
  • API version used for subscription management: 2024-06-01-preview and Pulumi Azure Native provider

Setup: We have a namespace topic with 2 push event subscriptions (webhook type) using deliveryWithResourceIdentity (system-assigned managed identity + AAD auth). Both subscriptions have a -new suffix because they replaced earlier subscriptions that were deleted and recreated in late December 2025.

The problem: Events are being delivered via HTTP POST to a different Container App (api.) in the same Azure Container Apps Environment that is NOT configured as a destination in any active subscription. Both active subscriptions point exclusively to eventgrid-webhook.. Yet we consistently receive:

  • POST /telemetry/eventgrid-webhook-heartbeat on the api container app (~every 2-3 minutes)
  • POST /telemetry/eventgrid-webhook-trip-1 on the api container app (in bursts of 9+ requests per second)

These paths match the webhook endpoints of the old (deleted) subscriptions, which previously pointed to the api container app before being recreated pointing to eventgrid-webhook.

Azure Event Grid
Azure Event Grid

An Azure event routing service designed for high availability, consistent performance, and dynamic scale.

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Siddhesh Desai 4,895 Reputation points Microsoft External Staff Moderator
    2026-03-18T07:03:52.15+00:00

    Hi @Mohammad Alinia Thank you for reaching out to Microsoft Q&A.

    I checked from the backend:

    • Both webhook endpoints are now mapped to new event subscriptions with the old event subscription no longer visible, It confirms successful update and removal of outdated subscriptions.

    In order to resolve this issue: Can you delete the endpoint as it might be cached to the older subscription and recreate the webhook endpoint again for the new subscription. This would help connect the endpoints to the new event subscription without any cache issues.

    0 comments
  2. Q&A Assist
    2026-03-18T06:23:39.68+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    From the available information, the only supported, documented behavior for Azure Event Grid namespace topics is:

    • Delivery is driven solely by existing event subscriptions on a namespace topic.
    • Each event subscription defines the destination endpoint and delivery behavior (including retry and TTL).
    • Undeliverable events can be retried for a period, but only within the configured retention and TTL windows.

    Key points from the documentation relevant to this scenario:

    1. Event delivery is controlled by event subscriptions
      An event subscription is the configuration that both selects events and defines the destination endpoint. When a subscription is deleted, its configuration (including the endpoint) is no longer part of the active delivery pipeline.

      “An event subscription is a configuration resource associated with a single namespace topic… Using an event subscription, you also define the destination endpoint to which the events are sent. In addition, an event subscription allows you to set other properties, such as the maximum delivery retry count and the events' time to live, that define the event delivery's runtime behavior.”

    2. Namespace topic retention is bounded (1–7 days)
      Namespace topics retain undelivered events only for a limited period:

      “Namespace topic configuration for properties.eventRetentionDurationInDays … allows users to specify an integer between 1 to 7 days, inclusive.”

      This means that even if there were undelivered events associated with an old subscription, they would not be retained or retried indefinitely beyond the configured retention window.
    3. Push delivery with retry is per subscription and at-least-once
      Push delivery is durable and uses a retry policy, but is still scoped to existing subscriptions:

      “Event Grid namespaces push delivery provides durable delivery. Event Grid tries to deliver each message at least once for each matching subscription immediately. If a subscriber's endpoint doesn't acknowledge receipt of an event or if there's a failure, Event Grid retries delivery based on a fixed retry schedule and retry policy.”

      Once a subscription is removed, there is no documented mechanism by which Event Grid would continue to send new events to the deleted subscription’s endpoint.
    4. Webhook delivery and identities
      For webhook endpoints (including those secured with Microsoft Entra / managed identities), the platform behavior is that Event Grid sends events to the configured webhook URL on the subscription. The documentation does not describe any background or “heartbeat” traffic to endpoints that are no longer configured as destinations.

    Given this documented behavior:

    • Persistent deliveries to an endpoint that is not configured on any current subscription are not described or supported behavior in the documentation.
    • With retention limited to at most 7 days and delivery governed by existing subscriptions, there is no documented way for deleted subscriptions to continue delivering new events long after they were removed.

    The issue described therefore does not match any documented, expected behavior for Event Grid namespace topics and event subscriptions. The appropriate next step is to open a support case with Azure Support so the Event Grid product group can inspect the specific namespace, topic, and subscription history in the UK South region and determine whether there is a platform-side issue (for example, a stale or orphaned subscription record not visible through normal management APIs).

    When opening the case, include:

    • Namespace resource ID and topic name.
    • Region (UK South) and API version used (2024-06-01-preview).
    • Timestamps and sample request IDs from the unexpected POSTs to the api.* Container App.
    • Confirmation of the currently active subscriptions and their endpoints.

    This will allow the service team to correlate logs and internal state with the phantom deliveries and remediate if needed.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.